Associate
- Joined
- 22 Aug 2011
- Posts
- 240
How would I go about the following problem?
For my final project for Univesity, I chose to create an E-commerce based wbesite and I have a login page for the Admin back-end, but obviously if you know the extensions such as link_here/admin.php you can still access the back-end through that page.
How would I go about forcing the user to log-in through the log-in page created if you try to just type in that URL?
As obviously (this is for a real world client) and that would be a major security flaw.
So for example:
User (somehow) knows the full link to access the admin side of the wesbite > types in www.blabla.com/admin.php > when this page loads he is linked to the Admin login page > and now he is forced to login before he can enter that admin page.
For my final project for Univesity, I chose to create an E-commerce based wbesite and I have a login page for the Admin back-end, but obviously if you know the extensions such as link_here/admin.php you can still access the back-end through that page.
How would I go about forcing the user to log-in through the log-in page created if you try to just type in that URL?
As obviously (this is for a real world client) and that would be a major security flaw.
So for example:
User (somehow) knows the full link to access the admin side of the wesbite > types in www.blabla.com/admin.php > when this page loads he is linked to the Admin login page > and now he is forced to login before he can enter that admin page.
Last edited: